Protecting Yourself from Data Breaches Just Got Personal
Even if you aren’t being targeted, you’re always at risk of being hacked
Opinions / September 13, 2018
Hackers may not be specifically targeting you, but if they are targeting a larger business or service that you use, you are still at risk of having your personal information leaked or sold to the highest bidder.
Companies may claim that their online security is invulnerable but, in reality, that is not the case. While many companies do focus heavily on their security infrastructure, smaller businesses tend to lack the funds, knowledge, or awareness to do so.
For the majority of you, your email account is the most important one to keep secure. This is because, if you forget any passwords on other online accounts, you can reset them using your email as proof of ownership over your accounts. If a malicious hacker has access to your email, they can shut you out from all of your online accounts, making it a breeze to impersonate you online. This would be akin to identity theft, with unimaginable potential damages to your reputation, work, communications with friends and family, or anything sensitive you keep saved on the Cloud or in your emails.
If you have a Google account and want to quickly make sure you are the only one with access to it, there’s a nifty account activity and security page that Google provides to check the location, times, and device types of anyone who has logged in. One thing to note here is that the city listed with your devices may not be entirely accurate, as it is estimated based on the physical location of your internet service provider. If it shows access from the next city over, you are probably fine, but if it shows access from a different country, it’s probably best that you change your password and manually revoke account access from that device immediately.
When security professionals talk about the act of cracking passwords, they aren’t talking about opening a web browser and trying to sign into an account thousands of times. They are talking about making millions of attempts at decoding a string of text called a hash.
A hash is a special type of encryption that websites use to store your password. It’s special because it is mathematically impossible to reverse this encryption, which prevents the company and their employees from being able to view your passwords.
The only way to decode it is with a brute force attack. Brute forcing is when a hacker tries hashing every single combination of letters, words, numbers, and symbols until they are given a hash that is the same as the one found in the website’s database.
Making sure you use long and complex passwords consisting of uppercase letters, lowercase letters, and symbols will reduce your likelihood of being hacked. Once a hacker has breached a company’s security and starts downloading their databases, it will only be a matter of time until they have your passwords. Having a stronger password will take the longest time for the hackers to crack, with the most complex passwords potentially taking months. This gives you time to adequately secure your account and change your password before it can ever be discovered.
I highly recommend that you use different passwords or variations of your passwords across all of your online accounts so that, if a single password becomes exposed, you don’t risk losing your other accounts.
Educating your family and friends about the threat of data breaches as well as the precautionary measures they can take is an ever growing importance in the world we live in.